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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 



1 )[>3 Responsive to communication(s) filed on 29 June 2007 . 
2a)D This action is FINAL. 2b)E3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) [3 Claim(s) 1-6.8-14.16-22 and 24 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) IEI Claim(s) 1-6.8-14.16-22 and 24 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) Q Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
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1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 
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application from the International Bureau (PCT Rule 17.2(a)). 
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Claim Rejections - 35 U.S.C. 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 9-14, 16 are rejected under 35 U.S.C. 101 because the claimed invention 
includes non-statutory subject matter. 

Claim 9, the cited computer readable medium, as submitted in the original 
disclosure, contains computer instruction signals, carrier wave, transmission medium. 
Transmission mediums such as signals and carrier waves represent physical 
characteristics of a form of energy that do not fall within any of the categories of 
patentable subject matter set forth in 35 U.S.C. 101 . Because forms of transmission 
mediums such as signals and carrier waves do not fall within any of the categories of 
patentable subject matter set forth in 35 U.S.C. 101 , thus the claims are rejected. Also 
see Diehr, 450 U.S. at 185-86, 209 USPQ at 8. 

In order to overcome the 35 U.S.C. 101 rejection to claims 9-14, 16, the applicant 
positively disavow, on the record, the embodiments of the inventions that include a 
computer readable medium wherein the computer readable medium is a transmission 
medium (with or without a carrier wave upon which the signals are modulated). 

Claims 10-14, 16 are rejected because they contain or inherit the deficiencies of 
claim 9. 

Claims 17-22, 24 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 
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The basis of this rejection is set forth in a test of whether the invention is 
categorized as a process, machine, manufacture or composition or matter and if the 
invention produces a useful, concrete and tangible result. Mere ideas in the abstract 
(i.e., abstract idea, law of nature, natural phenomena) are found to be non-statutory 
subject matter. In this case, the claimed invention shown in Claims 17-22, 24 fails to fall 
within any one of the above patentable categories set forth in 35 U.S.C. 101. 

As described in the claim 17, the mechanisms for apparatus according to the 
specification and drawings are seemingly software components. It is merely functional 
descriptive material and is nonstatutory. 

Claims 18-22, 24 are rejected because they contain or inherit the deficiencies of 
claim 17. 

In order to expedite the prosecution, 9-14, 16, 17-22, 24 are interpreted as an 
invention directed a process. 

Claim Rejection - 35 U.S.C. 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1 ), (2), and (4) of section 371 (c) of this 
title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
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directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AIPA (pre-AlPA 35 U.S.C. 102(e)). 

Claims 1,4,5, 6, 9, 12, 13, 14, 17,20,21,22 are rejected under 35 
U.S.C. 102(e) as being anticipated by Fauble et al. (US 2003/0159054). 

Regarding Claims 1,9, 17, Fauble discloses a method for protecting an item of 
private information ("...conduct a secure business transactions...", lines 2-3, paragraph 
0088) in a database wherein the method comprises: 

receiving the item of private information ("...entering a checking account number, 
a social security number... through the reconfigurable secure keyboard console..."), 
wherein the item of private information is used as a key 1 for retrieving data from the 
database ("...processor 60 may then retrieve a transformed code...", paragraph 0052; 
"...retrieve the encryption key from first memory section 54", lines 1-5, paragraph 0053); 

creating a hash ("create an encrypted hashed message", paragraph 0013, lines 
8-12, and stored in "lookup table", line 1-3, paragraph 0050) of the item of private 
information at a database, wherein creating the hash further comprises checking a 
column attributes 2 for a column 3 ("identifies the location of the depressed key(s) in terms 
of a row and a column...", lines 6-8, paragraph 0051 ) which stores the item of private 

1 "key" is interpreted as the index of the data. Index is an inherent feature in all data inputs. In 
paragraphs 0052, 0053, Fauble teaches that the processor can retrieve the matched data from the lookup 
table. The inherent feature "index" or so called "key" is used to retrieve the matched data. 

2 "Column attributes" are inherent features in Fauble. In paragraph 0088, Fauble teaches checking 
account number, social security number, bank routing number. As seen, they show that there are three 
different types of categories of the private information in which these categories are the column attributes. 

3 Fauble identifies the location of the depressed key(s) in terms of a row and a column which includes the 
limitation "a column". 
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information 4 ("a plurality of values... actual input device inputs 5 ", lines 15-18, paragraph 
0051 ), in the database to determine that "privacy" is enabled for the column, and only 
upon privacy being enabled for the column 6 (paragraph 0095) creating the hash, and 
wherein the hash is a one-way hash ("a one way hash function will allow less data to be 
generated", paragraph 0012, lines 5-6); and 

storing the hash of the item of private information in the database ("...storing an 
encryption key the encryption key may be a hash value.", paragraph 0041). 

Regarding Claims 4, 12, 20, Fauble discloses that processing a query containing 
the private information involves: 

receiving the item of private information ("...entering a checking account number, 
a social security number..."; lines 9-10, paragraph 0088); 

creating a hash of the item of private information ("create an encrypted hashed 

message", paragraph 0013, lines 8-12; "...storing an encryption key the encryption 

key may be a hash value.", paragraph 0041), and 

querying 7 the database ("first memory section 54 may be utilized for storing an 
encryption key", "first memory section 54 may be written to or read by only the RSID 
processor, "encryption key may be a hash value", paragraph 0041) using the hash of 
the item of the private information. 

4 The private information is transformed into "values". 

5 "Actual input device inputs" also refers to the private information such as social security number, 
checking account number because those numbers entered from the keystroke. 

6 In paragraph 0095, when the RSID receives encryption key, the RSID processor 60 stores the 
transformed codes along with the plurality of values in a transformed lookup table. The "encryption key" 
enables the so called "privacy" and thereupon enables the processor to store the transformed value in a 
lookup table (hashed message encrypted in a table) which comprises rows and columns. 

7 "querying" interpreted as request to the database for storing, writing, reading. 
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Regarding Claims 5, 13, 21 , Fauble discloses that the item of private information 
can include social security number, (paragraph 0088, lines 9-10). 

Regarding Claims 6, 14, 22, Fauble discloses that the multiple items of private 
information can be combined 8 ("a checking account number, social security number, a 
bank routing number and the payment amount", lines 9-10, paragraph 0088) prior to 
creating the hash 9 . 

Claim Rejections - 35 U.S.C. 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 2, 10, 18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fauble et al. (US 2003/0159054) in view of the term dictionary in Javvin. 

Regarding Claims 2, 10, 18, as discussed above, Fauble essentially discloses 
the claimed invention but does not explicitly disclose creating the hash can include 
creating either Secure Hash Algorithm-1 (SHA-1) or Message-Digest algorithm 5 (MD5) 
hash. However, Javvin dictionary teaches that Message-Digest algorithm 5 (MD5) 
(designed in 1991) is a popular algorithm in security application and to check the 



"combined" is interpreted as a situation when user enters the checking account number, social security 
number, a bank routing number and etc as a one input. 

9 "prior to the hash" is interpreted as before the values become hashed message (paragraph 0013) and 
entered to the table. Therefore, in Fauble, the private information has been combined or entered before 
they are stored in the table. 
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integrity of files. And Javvin also discloses that SHA-1 is recommended by 
cryptographers to overcome some flaws in MD5. It would have been obvious to one of 
ordinary skill in the art at the time the invention has been made to use either MD5 or 
SHA-1 in Fauble in order to provide additional security purpose since both MD5 and 
SHA-1 are widely used and known to a skilled in the art. 

Claims 3, 1 1, 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fauble et al. (US 2003/0159054) in view of Trostle (5,919,257). 

Regarding Claims 3, 1 1 , 19, Fauble essentially discloses the claimed invention 
but does not explicitly disclose the hash of the item in a manner that is transparent to an 
application. However, Trostle discloses a networked workstation for detecting intrusion 
to provide a more secure user friendly technique. Trostle teaches an advantage of 
transparency such as to detect illicit changes to the executable files resident on the 
workstation (Col. 3, lines 23-30). It would have been obvious to one of ordinary skill in 
the art to use Trostle's transparency method in Fauble in order to attain the advantage 
of detecting illicit changes on the workstation. 

Claims 8, 16, 24 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fauble et al. (US 2003/0159054) in view of the term dictionary in Microsoft Press. 

Regarding Claims 8, 16, 24, as discussed above, Fauble essentially discloses 
the claimed invention but does not explicitly disclose that the database is a Lightweight 
Directory Access Protocol (LDAP) database. However, Microsoft Press dictionary 
discloses that LDAP gives users a single tool to comb through data to find a particular 
piece of information. It would have been obvious to one of ordinary skill in the art at the 
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time the invention has been made to configure LDAP in Fauble's database in order to 
find the particular information by a single tool for a quicker process. 

Response to Arguments 
Applicant's arguments with respect to claims 1-6, 8-14, 16-22, 24 have been 
considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

RedHat dictionary teaches that LDAP supports Secure Sockets Layer and 
Transport Layer Security, sensitive data can be protected from prying eyes 

Correspondence 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Examiner Wilson Lee whose telephone number is (571) 
272-1824. 

Papers related to the application may be submitted by facsimile transmission. 
Any transmission not to be considered an official response must be clearly marked 
"DRAFT". The official fax number is (571 ) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov . Should you 
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have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 




Wilson Lee 

Primary Examiner 

U.S. Patent & Trademark Office 

2/1/08 



